The Internet has ushered in a communication revolution. Every day there is a phenomenal volume of information being exchanged via numerous electronic communication channels. Email has become the most ubiquitous form of electronic communication but other communication channels have developed and are used extensively. These other channels include instant messaging (which in early forms predates the Internet), social network sites (such as Facebook® and MySpace®), business networking sites (such as LinkedIn® and Plaxo®), micro-blogging services (such as Twitter®) and various web sites that encourage the input of personal information.
It has long been realised that the Internet has an inherent security risk by virtue of the open connection between a user and all other users. The risk is bidirectional in the sense that external threats (such as viruses and Trojans) can attack the computing equipment of a user and that sensitive internal information can be leaked from the user's computing equipment. The problem is particularly significant for a business. While most businesses are aware of the external threats and implement various firewall protocols, they are less aware of the internal threats. For example, inappropriate use of the Internet can leave a business and its owners open to legal action. Also, disgruntled employees have an ever widening range of opportunities to export sensitive company data via any one of the many electronic communication channels available. Perhaps an even greater risk is the possibility of the unintentional leakage of sensitive information.
Various technologies have been developed to try and protect against external attack and some technologies have been developed to try and protect against internal data leakage. These technologies are almost exclusively limited to email scanning, virus checking or web content rating.
For example, U.S. patent application Ser. No. 11/604,286 describes a system and method for managing content for secure communications. The patent is concerned with decrypting encrypted messages so they can be virus checked, spam filtered or have other policy enforcement applied.
U.S. patent application Ser. No. 11/279,213 describes a content upload tool that scans only outbound communications and it is limited to scanning for personal information only.
U.S. patent application Ser. No. 11/331,030 describes a system for processing network content that uses one or more proxies to buffer network content and uses multiple scanning engines to scan content from different network protocols.
U.S. patent application Ser. No. 11/867,880 describes a scanning system that uses a multifaceted scanning engine that applies rules, thresholds and policies to content to produce modified content. The multifaceted scanning engine operates directly on the received content and is limited by the combination of rules, thresholds and policies and each scanning engine must be implemented with a decoding engine for the underlying data structure.
There is no tool available to convert different formats to a common format to facilitate content scanning a broader range of electronic communications.